Month: October 2018

Look out, someone has released the Kraken — or at least a ransomware strain named after it. Kraken Cryptor ransomware first made its appearance back in August, but in mid-September, the malicious beast emerged from the depths disguised as the legitimate spyware application SuperAntiSpyware. In fact, the attackers behind the ransomware were able to access

In a panel focused on securing the enterprise at a conference by the same name hosted by MIT CSAIL and BT Security, moderator Michael Siegel, principal research scientist, management science at MIT Sloan School of Management, talked with panel members about whether their organizations are secure. “Rather than going out and doing some big review, we

by John E Dunn Earlier this month, an IT admin at Morris Hospital near Chicago started receiving complaints that dozens of staff iPads, iPhones, and Apple Watches had suddenly stopped working. That’s an unusual failure rate for a single building but what made it odder was that non-Apple devices seemed to be working fine. As

The need to defend a growing threat surface highlights the widening cybersecurity skills gap If you are concerned about the privacy and security of your information you might have noticed recent headlines declaring that the global cybersecurity job skills gap has grown to three million. This very worrying assertion – that many organizations around the

Apple introduces a new privacy feature for all new MacBooks that “at some extent” will prevent hackers and malicious applications from eavesdropping on your conversations. Apple’s custom T2 security chip in the latest MacBooks includes a new hardware feature that physically disconnects the MacBook’s built-in microphone whenever the user closes the lid, the company revealed

With Apple’s AirPower still missing in action, the Apple accessory ecosystem has been attempting to fill the need with similar products. Some of these third party products are better than others, and the new Base Station from Nomad looks to be the best of them all. The Base Station does two things. One, it wireless

Brex, the corporate card built for startups, unveiled its new rewards program today. The billion-dollar company, which announced its $125 million Series C three weeks ago, has partnered with Amazon Web Services, WeWork, Instacart, Google Ads, SendGrid, Salesforce Essentials, Twilio, Zendesk, Caviar, HubSpot, Orrick, Snap, Clerky and DoorDash to give entrepreneurs the ability to accrue

This blog was co-written by Rafael Pena. We recently received customer submissions related to a phishing campaign that was redirecting users to a browser hijacker. It became clear, after analysis, that these cases were related to a technical support scam in which the attacker uses scare tactics—such as displaying fake error messages and phone numbers—to

Many people think of two-factor authentication as a panacea for protecting users. While 2FA does drastically improve user protections, there are still risks. Attackers recognize that every security control implemented in an enterprise comes with its own risks that need to be managed. Therefore, they have learned to attack security controls in order to compromise

A new technique to escape malware detection has been used in a malicious campaign targeting smartphones, according to The Media Trust. In today’s blog post, Michael Bittner, digital security and operations manager at The Media Trust, revealed that the campaign involved third-party code that enabled smart malware delivery. The malware, dubbed JuiceChecker-3PC by The Media

by Lisa Vaas Tyler Rai Barriss – the 25-year-old man from southern California who SWATted an innocent man who was killed in a subsequent police shooting – will plead guilty to 46 new federal charges, according to local news outlets in Kansas, where victim Andrew Finch lived and where Barriss is in prison. A federal

What has the Internet brought us? And how does privacy stay anchored in the data deluge of the digital age? Here’s a brief reflection to celebrate today’s Internet Day So, we no longer need to wade through encyclopedias in our quest for knowledge. Have a ravenous appetite for entertainment? The fix is just a few

Microsoft silently patched a bug in its Windows 10 operating system with the October 2018 update (version 1809) that allowed Microsoft Store apps with extensive file system permission to access all files on users’ computers without their consent. With Windows 10, Microsoft introduced a common platform, called Universal Windows Platform (UWP), that allows apps to

Apple is expanding the number and types of classes it hosts at its retail stores, under the banner of “Today at Apple.” The company says it’s adding 60 more sessions at its stores, including those focused on using its newer apps, like Siri Shortcuts and Clips, as well as those focused on AR, art, music,

Social e-commerce startup Goxip raised $5 million in January, and now the Hong Kong-based business has brought in more cash with a strategic $1.4 million investment from financial services company Convoy. Existing backers including Chinese photo app company Meitu also took part. Convoy offers a range of services that include asset management, insurance and other

One of the things we at McAfee have been looking at this midterm election season is the security of election infrastructure at the individual county and state levels. A lot of media and cybersecurity research focus has been placed on whether a major national attack could disrupt the entire U.S. voting infrastructure. Headlines and security

In what it is calling the “most significant tech acquisition of 2018,” IBM announced today that it will acquire Red Hat, a global provider of open source cloud software. The two companies have finalized an agreement subject to Red Hat shareholder and regulatory approvals, which is expected to close in late 2019. According to IBM,

by Lisa Vaas You’re crossing a road on a dark night. There’s a self-driving car on course to run you down. What are the chances that after it (hopefully) detects you, it will make a split-second decision that, if it has to risk killing somebody, it’s you rather than somebody else? Sure, it sounds like a

Ransomware remains a serious threat and this new white paper explains what enterprises need to know, and do, to reduce risk Throughout 2018 criminals have continued to target large organizations with ransomware. Today we introduce a new white paper that explains why ransomware is still a serious threat to your organization – regardless of size

It’s been quite a year for the open source platforms. Earlier this year, Microsoft acquired popular code repository hosting service GitHub for $7.5 billion, and now IBM has just announced the biggest open-source business deal ever. IBM today confirmed that it would be acquiring open source Linux firm Red Hat for $190 per share in

A little good press goes a long way for a company like Amazon. The company routinely gets knocked for things like warehouse conditions, tax breaks and impact on smaller retail outlets. AmazonSmile’s helped to counteract that a bit, raising money for legitimately good causes, skimmed off purchases from the site. The online retail giant announced

John Vrionis Contributor It’s time to bring the conversation about where Silicon Valley gets its money from out into the open. Following recent revelations into Saudi Arabia’s extensive reach and influence in the US technology sector, the willful ignorance that has defined the relationship between venture capital firms and the limited partnerships (LPs) that fund

Having a lack of influence in the boardroom is one reason why 84% of CISOs in North America believe there is no way to avoid a cybersecurity breach, according to a new report from Kaspersky Lab. Results from the report What It Takes to Be a CISO: Success and Leadership in Corporate IT Security, an annual survey

by Danny Bradbury Alex Stamos, the former security chief at Facebook, has called out Apple CEO, Tim Cook, for what he sees as the company’s hypocrisy over user privacy. In a series of tweets, Stamos warned the media against heaping too much praise on Cook, who has repeatedly called for privacy-friendly business models for the

The McAfee Mobile Research team recently found an active phishing campaign using text messages (SMS) that tricks users into downloading and installing a fake voice-message app which allows cybercriminals to use infected devices as network proxies without users’ knowledge. If the fake application is installed, a background service starts a Socks proxy that redirects all

A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Task Scheduler—has yesterday released another proof-of-concept exploit for a new Windows zero-day vulnerability. SandboxEscaper posted a link to a Github page hosting a proof-of-concept (PoC) exploit for the vulnerability that appears to be a privilege escalation flaw

Chinese startups rule the roost when it comes to total reported venture dollars raised so far in 2018. That is, mostly. In one key category at least — software-as-a-service, better known as SaaS — they do not. Ant Financial raised the largest-ever VC round in June, a mind-boggling $14 billion in Series C funding. And nearly a dozen

There’s some turmoil brewing over at Miami-based facial recognition startup Kairos. Late last month, New World Angels President and Kairos board chairperson Steve O’Hara sent a letter to Kairos founder Brian Brackeen notifying him of his termination from the role of chief executive officer. The termination letter cited willful misconduct as the cause for Brackeen’s

It’s the middle of a workday. While researching a project, a random ad pops up on your computer screen alerting you of a virus. The scary-looking, flashing warning tells you to download an “anti-virus software” immediately. Impulsively, you do just that and download either the free or the $9.99 to get the critical download. But

As concern over medical device cybersecurity grows, the U.S. Food and Drug Administration has taken additional steps to help hospitals get in front of the issue, an action commended by one medical device company CEO. The FDA recently announced efforts to strengthen the agency’s medical device cybersecurity program to help device manufacturers identify security vulnerabilities